So, you’ve purchased your new domain, ensured it’s appropriately secured, and set up hosting in a good neighborhood. The following will help you nurture your domain and successfully build its reputation to ensure it’s an asset for the long term, not just the next 10 minutes.

Beware – with a new domain comes distrust

When a security expert observes a domain for the first time on the internet, they will assign it with “no reputation” or “low reputation” because reputation is based on history. Generally, for the first 30 days after initial registration, most companies specializing in threat intelligence will flag a newly registered domain. The flag indicates the domain is under heightened scrutiny and is being watched for malicious activities, which include immediately sending mass emails.

Cybercriminals purchase hundreds, if not thousands, of domains in bulk to “burn” them. As soon as a data reputation specialist flags the domain as being malicious, the miscreants dispose of that flagged domain and use another one.

In contrast, an old domain that has been with the same owner for some time is a solid identifier for security specialists that someone has invested in this domain – it’s been cared for. Even at its most basic level, the domain owner has paid for its renewal annually. After all, even free domains have a cost associated with them after their first year. Nurture your domain to get it established… because….

With distrust comes limited use

The lack of any reputation associated with a domain will affect what you can immediately do with your new domain, including the ability for bulk email to be successfully delivered. Al Iverson discovered this as explained in Pro-tip: Age that new domain.

Additionally, having no associated reputation may prevent someone from reaching your website because their DNS provider is using DNS Firewall. This will block their request to visit your website because there is no reputation attached to your domain and therefore considered a potential risk to visit.

1. Show you’re invested in your domain with DNS TXT validation

By adding a verification code to your DNS records, you are demonstrating to the broader internet community that you have control of this domain, i.e., someone is paying money to use this service on the domain, so they have an investment in it.

2. Don’t hide on WHOIS []

If a business owns the domain, make sure you don’t have any WHOIS Masking or Private Domain Registration in place. These  privacy protection services are usually offered by domain registrars where they will either:

  1. Not publish the domain owner’s contact details
  2. Publish “masked” details, for example, data that points to anonymous names and addresses.

It’s important to remember that GDPR doesn’t apply to businesses, so please, be transparent. If it looks like you’re hiding who owns the domain, it seems suspect. You want people to be able to verify that your company owns your domain, and this builds trust and increases the reputation of your domain.

Think about how you’d feel opening your front door to someone with their whole face and eyes obscured. You’d probably feel a little uncomfortable and unlikely to trust that individual. In the same way, don’t hide who you are as a domain owner.

Now you own a new domain; you can send emails, right? Er…no. Not so fast.

3. Establish a strong connection between your new domain and your existing brand domain

If you have a bonafide requirement for a new domain name in addition to your main one, ensure it can be related back to your brand domain. The more links between your domains, the stronger the relationship is, and your domains’ reputation will be stronger. Here are a few suggestions on how to establish that connection:

  • Use the same hosting structure
  • Link to the new domain name from your existing domain’s webpages
  • For domains used for internationalization, make it easy to understand that the local domain, e.g., Spain belongs to your primary domain.

4. If you’re using your domain for email, set up the correct authentication.

The set-up of various authentication and encryption protocols is crucial to establishing good deliverability. Bypass this at your own risk. From DKIM to SPF, this best practice, written by our deliverability experts, has it covered.

5. Warm up your domain slowly when sending bulk email

Don’t send a bulk email run with your newly acquired domain name. First impressions matter a great deal and remain for a long time.

  1. Plan & select: To prepare for the launch of a new domain, you need to plan the deployment, carefully selecting a set of highly engaged recipients for the initial mailings. These should then be sent thoughtfully and measured until you reach production volume.
  2. Continual improvement: This is a crucial period during which every iteration needs to be meticulously studied, adjustments made, and issues corrected – no matter how painful those corrections may be, i.e., how many potential recipients you need to remove from your segmentation.

Increasing volume and speed rates should depend on each previous deployment’s results. This means that today’s email marketers should be focusing on engagement. The days of  “batch and blast” are over. Still, the good news is that the more engagement an email receives, the better the domain’s reputation and deliverability improves. It is not instant and can be very frustrating, but it is worth it.

See our Deliverability 101 eBook for a detailed look at how to ensure emails are delivered successfully.

The guidance we’ve provided in this series is by no mean exhaustive, but it provides strong foundations to help you successfully build the reputation of your newly registered domain.

Spamhaus Intelligence API (SIA)

Spamhaus Intelligence API (SIA) contains context-rich metadata relating to IP and domain reputation. Integrate this data with your applications to enhance existing data feeds, or consume as an independent data source.

In this easy-to-consume format, SIA can be used for threat detection and investigation, risk scoring, customer vetting, validation and much more.

  • Save valuable time investigating and reporting
  • Simple and quick to access
  • Data you can trust in

When it comes to your web domains, put the controls back in your hands

29 March 2023


Choosing a domain name registrar may seem simple, but considering security risks in the domain and DNS ecosystem is crucial. In this blog post, Vincent D'Angelo, Global Director at CSC, shares insight into the role of domain registrars in domain ecosystem security and reputation.

Understanding top-level domain (TLD) abuse helps illuminate and predict domain threat trends

23 March 2023


The Domain Name System (DNS) is the backbone of the internet, enabling agile communication between internet entities. This blog post will focus on top-level domains (TLD), and how they can impact the security landscape.

Best practice for newly registered domains: PART 2 – Key considerations for purchasing

14 February 2023

Best practice

if you're confident you must buy a new domain, here are some key considerations to make before and immediately after the domain purchase.